a proposal for Samba 3.5

Richard Sharpe rsharpe at richardsharpe.com
Mon Apr 19 17:37:54 GMT 2004

On Mon, 19 Apr 2004, Jean-Baptiste Marchand wrote:

> * Richard Sharpe <rsharpe at richardsharpe.com> [16/04/04 - 20:50]:
> > Yes. Unfortunately, Jean-Baptiste conflated two groups of users. I agree 
> > that functions useful to sys admins belongs in the net command.
> True, penetration testers and system administrators do not really have
> the same requirements...
> However, I still think that an interactive command-line tool such as
> rpcclient is very useful to system administrators, in addition to the
> net command.
> For instance, the Samba-TNG version of rpcclient supports some useful
> commands that supports the following MSRPC interface:
>  eventlog (remote Windows eventlog manipulation)
>  svcctl (remote Windows services administration) 
> My feeling is that the net command supports commands for domain-oriented
> administrative tasks but not for general Windows system administration
> tasks such as reading the eventlog, starting a Windows service and so
> on...

This seems true ...
> > I don't think that those functions that are useful to penetration testers 
> > belong in the net command at all. These things belong in rpctorture or 
> > should be part of a toolkit that allow penetration testers to test the 
> > corner cases and extremes of individual RPC interfaces.
> I was not referring to vulnerability research in RPC interfaces when I
> mentionned penetration testers.

OK, my mistake.

> I was thinking about rpcclient commands that are useful to discover
> internals of Windows domains (typically, commands that send operations
> to the samr, lsarpc,... interfaces).

Not sure what we would call it though? rpcclient? :-)

Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com

More information about the samba-technical mailing list